jc/wordpress_enumeration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
62e5c11ac8e408b0c85741f23d5d50e6652d055f
wordpress_enumeration/scrap.py
T
jc 247cc24b13 slight change made
2025-06-23 04:44:40 +00:00

182 lines
6.3 KiB
Python
Raw Blame History

#!/usr/bin/python3
# Fix the "No known fix" lines to map versions that are vulnerable
# Fix the rel_themes, rel_plugins population issue
import string
import asyncio
import httpx
import re
import html
import requests
from datetime import datetime
def write_vulns(read_in, write_out, spec):
with open(read_in, "r") as file:
data = file.read()
match = re.findall(rf'(vulns_{spec}=\(.*\))', data)[0]
data = data.replace(match, f"vulns_{spec}=({write_out})")
with open(read_in, "w") as file:
file.write(data)
def write_releases(read_in, write_out, spec):
with open(read_in, "r") as file:
data = file.read()
match = re.findall(rf'(releases_{spec}=\(.*\))', data)[0]
data = data.replace(match, f"releases_{spec}=({write_out})")
with open(read_in, "w") as file:
file.write(data)
def write_wp(read_in, write_out, lv):
with open(read_in, "r") as file:
data = file.read()
match = re.findall(r'(releases=\(.*\))', data)[0]
data = data.replace(match, f"releases=({write_out})")
match = re.findall(r'lv=[\d.]+', data)[0]
data = data.replace(match, f"lv={lv[0]}")
with open(read_in, "w") as file:
file.write(data)
def scrap_wordpress():
print("[+] Scrapping WordPress")
url = "https://wordpress.org/download/releases/"
r = requests.get(url)
versions = re.findall(r'">([\d.]+)</', r.text)
del versions[7:55]
versions = versions[1:714]
lv.append(versions[0])
dates = [datetime.strptime(a, "%B %d, %Y").strftime("%d-%m-%Y") for a in re.findall(r'<td class="wp-block-wporg-release-tables__cell-date">([A-Z][a-z]+ [\d]+, [\d]+)</td>', r.text)][1:714]
for i in range(0, len(versions)):
wp.append(f"\"{versions[i]} {dates[i]}\"")
async def first_scrap(client, c, spec):
params = {"page":f"{c}"}
r = await client.get(f"https://wpscan.com/{spec}/", params=params)
if "No results found" in r.text: return
s = html.unescape(r.text)
try:
m = re.findall(rf'\t\t([a-zA-Z0-9-]+)\t</a>', s)
l = len(m)
plugins.update(m) if (l > 0 and spec == "plugins") else themes.update(m) if (l > 0 and spec == "themes") else ""
except:
pass
async def second_scrap(client, c, char, spec):
params = {"page":f"{c}", "get":f"{char}"}
r = await client.get(f"https://wpscan.com/{spec}/", params=params)
if "No results found" in r.text: return
s = html.unescape(r.text)
try:
m = re.findall(rf'\t\t([a-zA-Z0-9-]+)\t</a>', s)
l = len(m)
plugins.update(m) if (l > 0 and spec == "plugins") else themes.update(m) if (l > 0 and spec == "themes") else ""
except:
pass
async def final_scrap(client, item, spec):
r = await client.get(f"https://wpscan.com/{spec}/{item}/")
s = html.unescape(r.text)
vuln = [a[:-1] if a[-1] == " " else a for a in re.findall(r'<a href=.*vulnerability.*\n\t\t(.*)\t', s)]
vuln = [re.findall(r'(?<=[\d] - ).+|(?<=- ).+', vuln[i])[-1].replace(" ", ".") if "- " in vuln[i] else vuln[i].replace(".", ",").replace(" ", ".") for i in range(len(vuln))]
version = re.findall(r'x-icon.svg"\n\t\t\t\t\talt\n\t\t\t\t/>\n\t\t\t\t(.*)\t\t\t</div>|checkmark-green-alt.svg"\n\t\t\t\t\talt\n\t\t\t\t/>\n\t\t\t\t[a-zA-Z ]+(.*)\t\t\t</div>', s)
version = [a[0].replace(" ", ".") if a[0] else a[1] for a in version]
severity = re.findall(r'"vulnerabilities__table--cvss-text">\n\t\t\t\t\t<.*>\n\t\t\t\t(.*)', s)
severity = [a.split("(")[1].split(")")[0].upper() if a != "n/a" else "" for a in severity]
for i in range(len(severity)):
out_plugins.append(f"\"{item} {version[i]} {vuln[i]} {severity[i]}\"") if spec == "plugin" else out_themes.append(f"\"{item} {version[i]} {vuln[i]} {severity[i]}\"") if spec == "theme" else ""
async def scrap_version(client, item, spec):
r = await client.get(f"https://wordpress.org/{spec}/{item}/")
try:
m = re.findall(r'Version <strong>(.*)</strong>', r.text)[0] if spec == "plugins" else re.findall(r'Version</span>\n\t\t\t\t\t\t<span>(.*)</span>', r.text)[0] if spec == "themes" else ""
rel_plugins.append(f"\"{item} {m}\"") if spec == "plugins" else rel_themes.append(f"\"{item} {m}\"") if spec == "themes" else ""
except:
pass
plugins=set([])
themes=set([])
out_plugins=[]
out_themes=[]
rel_plugins=[]
rel_themes=[]
wp=[]
lv=[]
async def main():
scrap_wordpress()
async with httpx.AsyncClient(timeout=None, verify=False) as client:
tasks=[first_scrap(client, c, "plugins") for c in range(1, 6)]
await asyncio.gather(*tasks)
tasks=[scrap_version(client, plugin, "plugins") for plugin in plugins]
tasks+=[final_scrap(client, plugin, "plugin") for plugin in plugins]
await asyncio.gather(*tasks)
plugins.clear()
charset=string.ascii_lowercase
for i in range(len(charset)):
char = charset[i]
print(f"\r[+] Scrapping Plugins starting with {char}", end="", flush=True)
for l in range(1, 200, 100):
tasks=[second_scrap(client, c, char, "plugins") for c in range(l, l+100)]
await asyncio.gather(*tasks)
tmp=[list(plugins)[i:i+50] for i in range(0, len(plugins), 50)]
for k in range(len(tmp)):
tasks=[scrap_version(client, plugin, "plugins") for plugin in tmp[k]]
tasks+=[final_scrap(client, plugin, "plugin") for plugin in tmp[k]]
await asyncio.gather(*tasks)
plugins.clear()
print()
tasks=[first_scrap(client, c, "themes") for c in range(1, 6)]
await asyncio.gather(*tasks)
tasks=[scrap_version(client, theme, "themes") for theme in themes]
tasks+=[final_scrap(client, theme, "theme") for theme in themes]
await asyncio.gather(*tasks)
themes.clear()
charset=string.ascii_lowercase
for i in range(len(charset)):
char = charset[i]
print(f"\r[+] Scrapping Themes starting with {char}", end="", flush=True)
for l in range(1, 200, 100):
tasks=[second_scrap(client, c, char, "themes") for c in range(l, l+100)]
await asyncio.gather(*tasks)
tmp=[list(themes)[i:i+50] for i in range(0, len(themes), 50)]
for k in range(len(tmp)):
tasks=[scrap_version(client, theme, "themes") for theme in tmp[k]]
tasks+=[final_scrap(client, theme, "theme") for theme in tmp[k]]
await asyncio.gather(*tasks)
themes.clear()
print()
asyncio.run(main())
# Update releases=()
write_wp("enum.sh", " ".join(wp), lv)
# Update releases_plugins=()
write_releases("enum.sh", " ".join(rel_plugins), "plugins")
# Update vulns_plugins=()
write_vulns("enum.sh", " ".join(out_plugins).replace("`", "'"), "plugins")
# Update releases_themes=()
write_releases("enum.sh", " ".join(rel_themes), "themes")
# Update vulns_themes=()
write_vulns("enum.sh", " ".join(out_themes).replace("`", "'"), "themes")
Reference in New Issue View Git Blame Copy Permalink